Device management

ABSTRACT

Example implementations relate to device management. In some examples, a system may include a computing device comprising executable instructions to authenticate the computing device to a first wireless network, implementing a first level of security, while in an active state. A system may include a computing device comprising executable instructions to disconnect from the first wireless network responsive to entering a sleep state. A system may include a computing device comprising executable instructions to provide, from a basic input/output system (BIOS) of the computing device, a wireless parameter for a second wireless network implementing a second level of security. A system may include a computing device comprising executable instructions to connect to the second wireless network while in the sleep state.

BACKGROUND

A computer network may include a telecommunications network which mayfacilitate communication and/or the sharing of resources betweencomputing devices connected to the computer network. The networkedcomputing devices may exchange data with each other across dataconnections of the computer network. The data connections between thecomputing devices may be established utilizing a cabled media or awireless media.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates an example of a system to perform device managementconsistent with the disclosure.

FIG. 2 illustrates a diagram of an example of a processing resource anda non-transitory computer readable medium to perform device managementconsistent with the disclosure.

FIG. 3 illustrates a flow diagram of an example of a method to performdevice management consistent with the disclosure.

DETAILED DESCRIPTION

Network management may include the process of administering and managinga computer network and/or the computing device on a network. Forexample, network management may include fault analysis, performancemanagement, provisioning, maintaining a quality of service (QoS),providing security updates, adding software, removing software,modifying software, updating software, managing settings of thecomputing device, etc. In some examples, network management may beperformed manually by a network administrator. In some examples, networkmanagement may be at least partially automated utilizing a networkmanagement application.

As computing devices become lighter, thinner, and more portable, thereis an increasing prevalence in use of wireless data connections toconnect computing devices of a computer network. That is, computingnetworks may utilize wireless connections such as radio frequency baseddata communication (e.g., Wi-Fi, etc.) to connect with computingdevices. Utilizing a wireless connection not only allows the computingdevice to become untether to a cabled data connection to the network,but it may also allow the user to more easily take the computing devicewith them in order to utilize the device while they travel and/or arelocated in a separate physical location from the computer network.Additionally, eliminating the cabled connection and/or the requisite ofclose proximity to a data connection port may allow a user to roamaround to different locations of the physical area covered by wirelessdata connections of the computing network.

Along with the flexibility of utilizing wireless data connections to acomputing network comes an increased security risk. For example, with awired local area network (LAN) computer network, if you aren'tphysically cabled to the network then you don't have access to thenetwork. Therefore, with a wired LAN secure facility, such as a buildingwith restricted access, may be utilized to keep unwanted network usersand/or computing devices out of the building and off of the network.That is, access to the wired LAN may be physically contained.

In contrast, wireless data connections to a LAN may not be able to bephysically contained in the same manner. For example, since radiofrequency signals may travel through physical barriers such as walls, auser or computing device may be located physically outside of thebuilding housing the components of the computing network, but may beable to wirelessly access the network. As such, computing networks thatinclude wireless data connections may be inherently less secure.

To address the security weaknesses associated with a wireless dataconnection to a LAN, LANs including wireless data connections mayimplement various security protocols for access to the computer networkover the wireless data connections. The security protocols may beconsidered higher level security protocols relative to the securityprotocols implemented for cabled data connections to the LAN. Forexample, wireless LANs (WLANs) may implement certificate based wirelesssecurity authentication mechanisms such as Extensible AuthenticationProtocol (EAP), 802.1x, temporal key integrity protocol (TKIP), etc. torestrict access to the computing network.

The higher level security protocols discussed above may involveprocessing by a supplicant of the operating system of the connectingcomputing device in order to be properly processed. That is, in orderfor a computing device connecting to the network to be authenticated tothe computing network and allowed to connect to the network, asupplicant of the operating system of the connecting computing devicemay need to process a portion of the authentication mechanism. Anoperating system of the connecting computing device may include machinereadable instructions executable by a processor to manage the hardwareand/or applications of the computing device and provide common servicesfor the applications. The ability of the computing device to functionmay depend on the operation of the operating system. A supplicant of theoperating system may include hardware and/or machine readableinstructions executable by a processing resource to process anauthentication request including submitting credentials to connect thecomputing device to the network. The supplicant may be a component ofthe operating system and/or be reliant upon the active execution by aprocessing resource of a portion of the machine readable instructionsmaking up the operating system. An authenticator on the computer networkmay invoke the supplicant installed on the connecting computing deviceand wait for submission of the proper credentials from the supplicant inorder to allow the connecting computing device to establish a wirelessconnection to the computing network.

Computing devices may perform power management. For example, computingdevices may utilize power management schemes to reduce an amount ofpower they consume. Wireless computing devices may rely on portablepower sources with a finite amount of power available to run thewireless computing devices. As such wireless computing devices mayutilize power management schemes to extend the amount of time that thewireless device may operate before exhausting the power source andinvolving a recharge.

A computing device may utilize various system power states in order toachieve power management. For example, a computing device may switchbetween various power states depending on various operating conditionsof the computing state. The power states may correspond to variouslevels of sleep states. A sleep state may include a distinctconfiguration of the operation of the computing device wherein variousunused components (e.g., hardware, instructions executable by aprocessor, etc.) of the computing device are, to some extent, disabledor placed in a lower power consumption state. A sleep state of acomputing device may correspond to an Advanced Configuration and PowerInterface (ACPI) specification power state.

For example, when not in a sleep state a computing device may operate ina configuration corresponding to an ACPI specification S0 working statewhere the computing device and its components are substantially fullyoperational, the central processing unit (CPU) of the computing devicemay execute instructions, the operating system is active, and thecomputing device is operating at full power. A sleep state may includeoperating the computing device in a configuration corresponding to anACPI specification S0 idle state wherein a portion of the components ofthe computing device are receiving a reduced power supply such as amonitor may be off, but background tasks may still be operating, theoperating system may still be active, the CPU may still executeinstructions, etc.

A sleep state may include operation of the computing device in aconfiguration corresponding to an ACPI specification S1 sleep statewherein the computer is consuming less power than in the S0 state. In aconfiguration corresponding to an ACPI specification S1 sleep state somecomponents of the computing device are powered so the computer can waketo a S0 state from input from a keyboard, local area network (LAN), or aUSB device. In a configuration corresponding to an ACPI specification S1sleep state processor caches may be flushed and the CPU may stopexecuting instructions. Further, in a configuration corresponding to anACPI specification S1 sleep state the power supply to the CPU and thevolatile memory of the computing device may be maintained and componentsof the CPU that do not indicate that they are to remain on in the S1state may be disabled.

A sleep state may include operation of the computing device in aconfiguration corresponding to an ACPI specification S2 sleep statewherein the computer is consuming less power than in the S1 state. In aconfiguration corresponding to an ACPI specification S2 sleep state, inaddition to the power saving measures discussed above with relation tothe S1 state, the CPU may be powered off and a cache of dirty data thatis modified within the cache but not modified within the main memory ofthe computing device may be flushed to the volatile memory of thecomputing device.

A sleep state may include operation of the computing device in aconfiguration corresponding to an ACPI specification S3 sleep statewherein the computer is consuming less power than in the S1 or S2 sleepstate. In a configuration corresponding to an ACPI specification S3sleep state, in addition to the power saving measures discussed abovewith relation to the S1 and S2 sleep states, the volatile memory mayremain powered while fans, memory, devices, etc. may be powered down. Ina configuration corresponding to an ACPI specification S3 sleep state,an operating system of the computing device may be non-functional and/ora supplicant component of the operating system may be unavailable.

A sleep state may include operation of the computing device in aconfiguration corresponding to an ACPI specification S4 sleep statewherein the computer is consuming less power than in the S1, S2, and/orthe S3 sleep state. In a configuration corresponding to an ACPIspecification S4 sleep state, in addition to the power saving measuresdiscussed above with relation to the S1, S2, and S3 sleep states, thecontents of the volatile memory of the computing device may be saved tothe non-volatile memory of the computing device (e.g., to a hibernationfile to preserve the system state. In a configuration corresponding toan ACPI specification S4 sleep state an operating system of thecomputing device may be non-functional and/or a supplicant component ofthe operating system may be unavailable. From a configurationcorresponding to an ACPI specification S4 sleep state a working contextmay be restored from the non-volatile memory upon startup of thecomputing device. The computing device may appear to be off.

A sleep state may include operation of the computing device in aconfiguration corresponding to an ACPI specification S5 sleep and/orsoft off state wherein the computer is consuming less power than in theS1, S2, S3, and/or the S4 sleep state. In a configuration correspondingto an ACPI specification S5 sleep state, in addition to the power savingmeasures discussed above with relation to the S1, S2. S3, and S4 sleepstates, a power source of the computing device will supply a baselineamount of power to return the computing device to operation in aconfiguration corresponding to an S0 state. Powering up the computingdevice from the S5 state, unlike the previous states, may involve a fullreboot of the computing device. The computing may not retain previouscontent held in volatile memory and/or or operating state information.In a configuration corresponding to an ACPI specification S5 sleep statean operating system of the computing device may be non-functional and/ora supplicant component of the operating system may be unavailable. Thecomputing device may appear to be off.

As described above, obtaining and/or maintaining access to a securewireless network may involve the processing by a supplicant of theoperating system of the connecting computing device. However, asdescribed above, the computing device may utilize power managementschemes that employee configurations where the operating system and/orsupplicant of the operating system are disabled and/or unavailable. Assuch, a wireless computing device may lose its connection to a computingnetwork when the wireless computing device operates in a configurationcorresponding to the ACPI specification S3-S5 states.

However, network management operations may involve communicating withcomputing devices connected to a computing network. In some examples,network management operations may involve communicating with computingdevices during periods of the day (e.g., late night and/or earlymorning) when the computing devices are least likely to be utilized inorder to avoid interfering with productivity on the network. Networkmanagement operations may include waking computing devices connected tothe network from a sleep state in order to perform management of thecomputing devices. For example, wireless data networks may be based onpackets of data sent between computing devices. A network managementoperation may be implemented using a specially designed wake-on-LAN(WOL) packet to all computing devices connected to a network. The WOLpacket may contain the MAC address of a destination computers, anidentifying number built into each network interface card or otherEthernet device in a computer that enables it to be uniquely recognizedand addressed on a network. Computing devices that are connected to thenetwork and are off or powered down into a sleep state may be capable oflistening to incoming packets in the off or powered down state. When thecomputing device receives a WOL packet that is addressed to the devicesMAC address, the MAC may signal the computing device's power supply ormotherboard to initiate a system wake-up, much in the same way aspressing the power button would do. The WOL packet may be sent by anetwork manager on the data link layer (e.g., layer 2 in the OSI model).The WOL packet may be broadcast to all computing devices connected tothe given network using the network broadcast address. WOL packets thatare broadcast on wireless local area networks (WLAN) may be referred toas wake-on-wireless local area network (WoWLAN) packets.

Since computing devices connected to a computing network via a wirelessdata connection employing the above described higher level securitymeasures may lose network connectivity upon entering sleep states wherethe operating system is disabled and/or a supplicant of an operatingsystem is unavailable, they may be unavailable to be managed duringnetwork management operations. For example, without a connection to thecomputing network being managed, a computing device will not be able toreceive and/or respond to a WOL packet broadcast on the network. Assuch, the computing devices either cannot be managed or securitymeasures for the network are stripped away such that a computing deviceutilizing a wireless data connection may maintain its connection in theabsence of an operational operating system and/or accessible supplicantthereof.

In contrast, examples of the present disclosure may include a system toprovide for the management of the computing devices utilizing a wirelessdata connection while preserving the higher level security measuresassociated with the connection to the network resources. For example,the system may include machine-readable instructions executable by aprocessing resource to authenticate a computing device to a firstwireless network, implementing a first level of security, while in anactive state. The system may include machine-readable instructionsexecutable by a processing resource to disconnect from the firstwireless network responsive to entering a sleep state. The system mayinclude machine-readable instructions executable by a processingresource to provide, from a basic input/output system (BIOS) of thecomputing device, a wireless parameter for a second wireless networkimplementing a second level of security. The system may includemachine-readable instructions executable by a processing resource toconnect to the second wireless network while in the sleep state.

FIG. 1 illustrates an example of a system to perform device managementconsistent with the disclosure. The system may include a computingdevice 102. A computing device 102 may include a stationary or desktopcomputing device. Alternatively, the computing device 102 may include amobile computing device such as a laptop computer, a handheld computer,a smartphone, a tablet computer, a smart device, etc. The computingdevice 102 may include a processing resource and a machine readablemedium storing instructions executable by the processing resource toperform various operations.

The computing device 102 may include instructions and/or hardware toestablish a wireless data connection to a computing network. Forexample, the computing device 102 may include a Wi-Fi radio, a Bluetoothradio, and or other chipset for transmitting and/or receiving datawirelessly.

The system 100 may include a first computing network 104-1 and a secondcomputing network 104-2. The first computing network 104-1 may be awireless local area network (WLAN). The second computing network 104-2may be a WLAN that is distinct from the first computing network 104-1.The first computing network 104-1 and the second computing network 104-2may be advertised and/or provided from two separate routers and/orwireless access points. The first network 104-1 and the second network104-2 may be connected to two separated wired networks. Alternatively,the first network 104-1 and the second network 104-2 may be advertisedand/or provided by one or two radios of a same router and/or wirelessaccess point. The first network 104-1 and the second network 104-2 maybe connected to a same wired network.

The first computing network 104-1 and the second computing network 104-2may be associated with distinct service set identifiers (SSIDs). Thatis, the first computing network 104-1 may have a different SSID than thesecond computing network 104-2.

The first computing network 104-1 may implement a first level of networksecurity. That is, wireless access by the computing device 102 to thefirst computing network 104-1 may involve satisfying a first level ofsecurity protocols. The first level of security protocols may includecertificate based wireless security authentication mechanisms such asEAP 802.1x protocols, TKIPs, etc. Since these security measures may beconsidered higher level security, access to the first computing network104-1 may include access to sensitive data and/or other resources on thefirst computing network 104-1.

The second computing network 104-2 may implement a second level ofnetwork security. The second level of network security may include fewerand/or less rigorous security mechanisms that those implemented withrespect to the first computing network 104-1. For example, the secondcomputing network 104-2 may implement an open system authentication(OSA). Implementing an OSA may include granting network access to acomputing device 102 utilizing the wired equivalent privacy (WEP)protocol. For network access to be granted to a computing device 102,the SSID of the computing device 102 should match the SSID of a wirelessaccess point through which the computing device 102 is attempting toconnect to the second computing network 104-2. That is, the SSID mayinclude a sequence of characters that uniquely name a WLAN such assecond computing network 104-2. When the computing device 102 attemptsto connect to the second computing network 104-2 the computing device102 may send a request for authentication to a wireless access point andthe wireless access point may generate an authentication code for thesession. The computing device 102 may accept the authentication code andjoint the network as long as the session continues and the computerremains within range of the second computing network 104-2.

Since the security protocols associated with accessing the secondcomputing network 104-2 are relatively low level and non-rigors ascompared with the relatively higher level security to access the firstcomputing network 104-1 access to sensitive data and/or other resourceson the second computing network 104-2 may be restricted and/orsubstantially eliminated. For example, the second computing network104-2 may filter out and/or prohibit network traffic other than a wakeon wireless local area network (WoWLAN) packets. That is, traffic acrossthe second computing network 104-2 may be limited to WoWLAN packets. Acomputing device 102 connected to second computing network 104-2 may beprohibited and/or prevented from other network data and/or access toother network resources.

The computing device 102 may utilize a power management scheme. Forexample, the computing device may employ various operatingconfigurations to manage power consumption. The operating configurationsmay correspond to ACPI specification states as described above. Forexample, the computing device 102 may operate in an active state.Operating in an active state may correspond to operating in an ACPIspecification S0 state. For example, the computing device 102 mayoperate in an active state where the computing device 102 is powered on,the CPU of the computing device 102 is executing or ready to executeinstructions, the operating system of the computing device 102 is fullyenabled, the supplicant associated with the operating system of thecomputing device 102 is available for utilization, the peripheralcomponent interconnect of the computing device 102 is fully enabled, theaccelerated graphics port of the computing device 102 is fully enabled,volatile memory of the computing device 102 is being read from and/orwritten to or refreshed, and/or non-volatile memory is active.

While in the active state, a processing resource of the computing device102 may execute instructions to authenticate the computing device 102with the first computing network 104-1. Since the operating system isfully enabled and its associated supplicant is available for performingauthentication in the active state, the computing device 102 mayestablish and maintain a connection with the first computing network104-1 while in the active state. That is, a supplicant of the operatingsystem of the computing device 102 may process an authentication requestincluding submitting credentials to connect and/or maintain a connectionfrom the computing device 102 to the first computing network 104-1.

The computing device 102 may additionally operate in a sleep state. Thatis, the computing device 102 may transition from an active state to asleep state. Operating in a sleep state may correspond to operating inan ACPI specification S1, S2, S3, S4, and/or S5 state. For example, thecomputing device 102 may operate in and/or transition to a sleep statecorresponding to an ACPI specification S1 sleep state as described aboveincluding where the computing device 102 is powered on, the CPU of thecomputing device 102 is not executing instructions and is not ready toexecute instructions although the registers and caches of the computingdevice 102 are maintained, the volatile memory of the computing device102 may be idle but refreshed, the power supply state may be on, and thenon-volatile storage may be off. Additionally, the computing device 102may operate in and/or transition to a sleep state corresponding to anACPI specification S2 sleep state as described above including where thevolatile memory is refreshing normally, the CPU is powered off, and thedirty cache is flushed to volatile memory. The computing device 102 mayadditionally operate in and/or transition to a sleep state correspondingto an ACPI specification S3 sleep state as described above includingwhere the state may be enabled by a circuit closing jumper on themotherboard of the computing device 102 or by support in a basic inputoutput system (BIOS) of the computing device 102, the CPU of thecomputing device 102 may not be executing instructions or be ready toexecute instructions, the registers and cache of the CPU may not bemaintained, the operating system of the computing device 102 maycomplete flushing dirty pages from a cache upon entering a state butthen the operating system may be non-functional and/or a supplicantcomponent of the operating system may be unavailable, the power supplystate may set to off, and/or the volatile memory may refresh at areduced refresh rate relative to predecessor sleep states S1 and S2. Thecomputing device 102 may additionally operate in and/or transition to asleep state corresponding to an ACPI specification S4 sleep state asdescribed above including where the hardware of the computing device 102is in an off state and maintains no context data, resuming the systemmay be limited to a timer or hardware resume device such as a WoWLANpacket, but not by interrupts, the power supply may be in an off state,the operating system of the computing device 102 may be non-functionaland/or a supplicant component of the operating system may beunavailable. The computing device 102 may additionally operate in and/ortransition to a sleep state corresponding to an ACPI specification S5sleep state as described above including where the hardware of thecomputing device 102 is in an off state and maintains no context data,the power supply is in an off state, and/or the operating system of thecomputing device 102 may be non-functional and/or a supplicant componentof the operating system may be unavailable.

The computing device 102 may include executable instructions todisconnect from the first wireless network 104-1 responsive to exitingfrom the active state and/or entering a sleep state. For example, thecomputing device 102 may disconnect from the first wireless network104-1 in response to entering a sleep state corresponding to an advancedconfiguration and power interface (ACPI) specification S3 sleep state,an ACPI specification S4 sleep state, and/or an ACPI specification S5sleep state. Since, as described above, the operating system of thecomputing device 102 and/or a supplicant of the operating systeminvolved in satisfying the security protocol implemented by the firstwireless network 104-1 are unavailable when the computing device 102enters these sleep states, the authentication with and/or maintenance ofa connection to the first wireless network 104-1 may not be accomplishedin these states.

The computing device 102 may include executable instructions to providea wireless parameter for the second wireless network 104-2. The wirelessparameter may include an SSID associated with and/or identifying thesecond wireless network 104-2 for the computing device 102 to connectto. Providing the wireless parameter may include configuring a firmwareof a wireless network interface controller card of the computing device102 with the wireless parameter. The wireless parameter may be providedfrom a BIOS of the computing device 102. For example, since theoperating system and/or the supplicant are disabled in the abovedescribed sleep states, the BIOS of the computing device 102 may be thesource of the SSID. By storing the wireless parameter in and/orproviding the wireless parameter from the BIOS while the computer is ina sleep mode the system 100 provides for a complete separation amongaccess to the first network 104-1 and access to the second network 104-2adding a layer of increased security. Segregating the access to thewireless parameter to an operating configuration when the BIOS is incontrol of the computing device 102 may prevent abuse and maliciousactivities by users since the user may have little to no control overthe computing device 102 while its operating system is disabled. Since,as described above, the second wireless network 104-2 may employsubstantially lower level, more open, and less rigorous securityprotocols to gain access, protecting access to the second wirelessnetwork 104-2 by restricting storage and/or provision of the wirelessparameter involved in connecting to the second wireless network 104-2may serve as an additional layer of security to supplement any securityprotocols associated with accessing the second wireless network 104-2.

The computing device 102 may include executable instructions to connectto the second wireless network 104-2 while in the sleep state. Again,restricting the connection to the second wireless network 104-2 toduring the sleep state may prevent malicious access of the secondwireless network 104-2. Connecting to the second wireless network 104-2may include utilizing the wireless parameter to connect to the secondwireless network 104-2.

Once the computing device 102 is connected to the second wirelessnetwork 104-2 the computing device may maintain its connection to thesecond wireless network 104-2 while it is in the sleep state. Thecomputing device 102 may wait in the sleep state to detect a WoWLANpacket. Once the computing device receives a WoWLAN packet the computingdevice may execute instructions to disconnect from the second wirelessnetwork 104-2. The computing device may remain in the sleep state and/orin a transitory state between sleep state and an active state until ithas disconnected from the second wireless network 104-2.

In response to the computing device 102 disconnecting from the secondwireless network 104-2, the computing device 102 may be triggered towake and/or complete a wake process to transition to operating in theactive state. In the active state, the functionality and/or availabilityof the operating system and/or its supplicant may be restored. As such,the computing device 102 may execute instructions to connect to thefirst wireless network 104-1 once again. For example, the computingdevice 102 may, once it has entered the active state, utilize itsoperating system supplicant to authenticate the computing device 102with the network (e.g., by satisfying an authentication mechanism of thesecond wireless network 104-2 such as an extensible authenticationprotocol (EAP), an 802.1x protocol, a temporary key integrity protocol(TKIP), and a certificate based protocol). Upon authentication, thecomputing device 102 may have profile-appropriate access to sensitivedata and network resources of the second wireless network 104-2.

FIG. 2 illustrates a diagram 220 of an example of a processing resource222 and a non-transitory computer readable medium 224 to perform devicemanagement consistent with the disclosure. A memory resource, such asthe non-transitory computer readable medium 224, may be used to storeinstructions (e.g., 226, 228, 230, 232, 234, 236, etc.) executed by theprocessing resource 222 to perform the operations as described herein. Aprocessing resource 222 may execute the instructions stored on thenon-transitory computer readable medium 224. The non-transitory computerreadable medium 224 may be any type of volatile or non-volatile memoryor storage, such as random access memory (RAM), flash memory, read-onlymemory (ROM), storage volumes, a hard disk, or a combination thereof.

In addition to, or in place of, the execution of executableinstructions, various examples of the present disclosure can beperformed via one or more devices (e.g., one or more controllers) havinglogic. As used herein, “logic” is an alternative or additionalprocessing resource to execute the actions and/or functions, etc.,described herein, which includes hardware (e.g., various forms oftransistor logic, application specific integrated circuits (ASICs),etc.), as opposed to computer executable instructions (e.g., software,firmware, etc.) stored in memory and executable by a processor. It ispresumed that logic similarly executes instructions for purposes of theembodiments of the present disclosure.

The example medium 224 may store instructions 226 executable by theprocessing resource 222 to disconnect a computing device from a firstwireless network in response to the computing device entering a sleepstate. For example, the computing device may detect a trigger totransition to a sleep state corresponding to an ACPI specification stateS3, S4, and/or S5 from an active state corresponding to an ACPIspecification state S0 or from a sleep state corresponding to an ACPIspecification state S1 or S2. The computing device may activelyterminate the connection with the first wireless network in response todetecting the trigger. Alternatively, the connection between thecomputing device and an access point broadcast the first wirelessnetwork may be terminated as a result of the operating system and/or asupplicant of the operating system of the computing device beingdisabled and/or rendered unavailable by operation of the computingdevice in the sleep state.

The first wireless network may include a wirelessly accessible computingnetwork. The first wireless network may provide connected computingdevices access to an internet connection, data available across thefirst wireless network, and/or access to network resources (e.g., datastorage, other computing devices, servers, web services, virtualmachines, instructions executable by a processor, processing resources,printers, scanners, fax machines, access points, modems, routers, etc.).The first wireless network may employee security protocols to preventunauthorized access to the network. For example, the first wirelessnetwork may utilize an extensible authentication protocol (EAP), an802.1x protocol, a temporary key integrity protocol (TKIP), and/or acertificate based protocol. As such, for the computing device toestablish and/or maintain a connection to the first wireless network,the supplicant of the operating system of the computing device mayauthenticate the computing device with the first wireless network.

The example medium 224 may store instructions 228 executable by theprocessing resource 222 to provide a wireless parameter for establishinga connection to a second wireless network. For example, the wirelessparameter may be utilized to identify and/or establish a connection withthe second wireless network. For example, a network interface controllercard of the computing device may utilize the wireless parameter toidentify the second wireless network to connect to. The wirelessparameter may include a service set identifier of the second wirelessnetwork. The second wireless network may include a wirelessly accessiblecomputing network. The second wireless network may employ an open systemauthentication whereby the computing device may connect to the secondwireless network so long as the computing device is able to identify thesecond wireless network based on the wireless parameter.

The first wireless network and the second wireless network may haveaccess to and/or be in communication with data and/or network resourcesof a common network infrastructure (e.g., common access points, a commonInternet connection, common routers, common modems, a common cabled dataconnection source, common data storage, access to common computingdevices, common servers, common web services, common virtual machines,common instructions executable by a processor, common processingresources, common printers, common scanners, common fax machines, etc.),etc.). However, the access to the common resources across the secondwireless network may be limited. For example, computing devicesconnected to the second wireless network may have their access limitedto a portion of the common resources that associated with the transitionof the computing device to the active state. For example, the secondwireless network may be a wireless network dedicated to devicemanagement. That is, the second wireless network may be a wirelessnetwork maintained and/or utilized for the performance of devicemanagement of computing devices that are intended to be utilized on thefirst wireless network when they are in an active state. For example,the first wireless network may be a productivity network maintainedand/or utilized to conduct work, entertainment, and/or business across,where the second wireless network is a device management network that ismaintained and/or utilized for the sole purpose of managing computingdevices that will utilize the first wireless network when they are in anactive state, but are in a sleep state at the time of the devicemanagement operations.

Traffic across the second wireless network may be limited wake packets.Wake packets may include a broadcast frame, targeting a specific type ofnetwork interface, enabling a remote access of a network manager to thecomputing device in the sleep state. Specifically, the wake packets maycause the computing device to transition from a sleep state to an activestate for device management operations to be performed thereupon. Forexample, the wake packets may include data packets such as WOL and/orWoWLAN network messages. As such, the computing devices connected to thesecond wireless network may have their access limited to wake packetsoriginating from the common network infrastructure between the first andsecond wireless networks.

The wireless parameter provided for identifying and/or establishing aconnection to the second wireless network may be stored in and/orprovided from the BIOS of the computing system. For example, thefirmware of a wireless network interface controller card of thecomputing device may be configured with the wireless parameter by theBIOS. Since the provision of the wireless parameter is handled by theBIOS, the operating system and/or its supplicant need not be enabled oravailable for the wireless parameter to be provided.

The example medium 224 may store instructions 230 executable by theprocessing resource 222 to connect the computing resource to the secondwireless network. The computing resource may be connected to the secondwireless network utilizing the wireless parameter. For example, awireless network interface may utilize the SSID provided by the BIOS toestablish a connection to the second wireless network. Both theprovision of the wireless parameter and the connection to the secondwireless network may be established while the computing device is in thesleep state. Therefore, both the provision of the wireless parameter andthe connection to the second wireless network may be established whilean operating system and/or a supplicant of the operating system of thecomputing device may be disabled and/or unavailable due to its operationin a sleep state.

The example medium 224 may store instructions 232 executable by theprocessing resource 222 to disconnect the computing device from thesecond wireless network. The computing device may disconnect from thesecond wireless network responsive to detecting a wake packet on thesecond wireless network. The computing device may disconnect from thesecond wireless network subsequent to receiving the wake packet butprior to leaving the sleep state. That is, the computing device maydisconnect from the second wireless network while it is in the sleepstate and/or before it has entered an active state.

In some examples, the computing device may disconnect from the secondwireless network responsive to a prompt to exit the sleep state. Theprompt may be a prompt other than a wake packet. The prompt may includea command from a user and/or a timer to exit the sleep state. Forexample, a user may hit a power button and/or click a mouse pad to wakethe computing device back to an active state. The computing device maydisconnect from the second wireless device before entering the activestate.

The example medium 224 may store instructions 234 executable by theprocessing resource 222 to transition the computing device to an activestate. Transitioning the computing device may include exiting a sleepstate and entering an active state. In some examples, transitioning thecomputing device may include restoring a power supply and/or afunctionality of the computing device. The computing device may betransitioned into the active state subsequent to disconnecting thecomputing device from the second wireless network.

The example medium 224 may store instructions 236 executable by theprocessing resource 222 to reconnect the computing device to the firstwireless network. The computing device may be reconnected to the firstwireless computing network by authentication of the computing devicewith the first wireless network. For example, the computing device maysatisfy a security protocol implemented to secure the first wirelessnetwork through an authentication mechanism. The computing device may beauthenticated with the first wireless network utilizing an operatingsystem of the computing device and/or a supplicant of the computingdevice operating system. Since the authentication involves the operatingsystem of the computing device, the authentication and/or reconnectionmay occur while the computing device is in an active state.

FIG. 3 illustrates a flow diagram of an example of a method 340 toperform device management consistent with the disclosure. At 342, themethod 340 may include disconnecting a computing device from a firstwireless network. The computing device may be wirelessly connected tothe first wireless network. The first wireless network may include acomputing network to be utilized for personal, business, entertainment,and/or other productivity purposes.

The computing device may have authenticated itself with the firstwireless network. The computing device may have utilized its operatingsystem, while in an active state, to authenticate itself to the firstwireless network. The computing device may be disconnected from thefirst wireless network in response to the computing device entering asleep state.

At 344, the method 340 may include configuring a wireless networkinterface controller card of the computing device with a wirelessparameter for a second wireless network. The wireless parameter mayinclude an identifier of a second wireless network dedicated to wakepacket traffic. The wireless parameter for the second wireless networkmay be stored and/or retrieved by a BIOS of the computing device.

The BIOS may retrieve the wireless parameter while the computing deviceis in a sleep state where the operating system is disabled. As suchconfiguring the wireless network interface controller card of thecomputing device with the wireless parameter from the BIOS of thecomputing device may include configuring the wireless network interfacecontroller by utilizing a unified extensible firmware interface (UEFI)call issued from the BIOS responsive to detecting the computing deviceis in the sleep state.

At 346, the method 340 may include connecting the computing device tothe second wireless network. The second wireless network may include anetwork that is substantially dedicated to device management ofcomputing devices in a sleep state that may connect to and/or utilizethe first wireless network in the future.

The computing device may connect to the second wireless network while itis operating in a sleep state. The computing device may identify and/orconnect to the second wireless network utilizing the wireless parameterconfigured to the wireless network interface controller by the BIOS.

At 348, the method 340 may include disconnecting the computing devicefrom the second wireless network. The computing device may disconnectfrom the second wireless network while it is operating in a sleep state.The computing device may disconnect from the second wireless network inresponse to detecting and/or receiving a wake packet across the secondwireless network. For example, the computing device may disconnect fromthe second wireless network in response to receiving a WoWLAN packetover the second wireless network while in a sleep state.

At 350, the method 340 may include reconnecting the computing devicewith the first wireless network. The computing device may be reconnectedto the first wireless network in response to the computing deviceentering an active state. Reconnecting the computing device to the firstwireless network may include re-authenticating the computing device withthe first wireless network.

In the foregoing detailed description of the disclosure, reference ismade to the accompanying drawings that form a part hereof, and in whichis shown by way of illustration how examples of the disclosure may bepracticed. These examples are described in sufficient detail to enablethose of ordinary skill in the art to practice the examples of thisdisclosure, and it is to be understood that other examples may beutilized and that process, electrical, and/or structural changes may bemade without departing from the scope of the disclosure.

The figures herein follow a numbering convention in which the firstdigit corresponds to the drawing figure number and the remaining digitsidentify an element or component in the drawing. For example, referencenumeral 102 may refer to element “02” in FIG. 1. Elements shown in thevarious figures herein can be added, exchanged, and/or eliminated so asto provide a number of additional examples of the disclosure. Inaddition, the proportion and the relative scale of the elements providedin the figures are intended to illustrate the examples of thedisclosure, and should not be taken in a limiting sense. Further, asused herein, “a” and “a number of” an element and/or feature can referto one or more of such elements and/or features.

What is claimed:
 1. A system comprising: a computing device comprising amemory resource having executable instructions to: authenticate thecomputing device to a first wireless network implementing a certificatebased first level of security while the computing device is in an activestate and process the authentication utilizing a supplicant of anoperating system of the computing device; disconnect from the firstwireless network responsive to entering a sleep state; provide, from abasic input/output system (BIOS) of the computing device, a wirelessparameter for a second wireless network implementing an open systemauthentication second level of security; connect to the second wirelessnetwork while in the sleep state; disconnect from the second wirelessnetwork responsive to detecting a wake packet on the second wirelessnetwork; and reconnect with the first wireless network, responsive toentering an active state upon disconnecting from the second wirelessnetwork, by authenticating the computing device with the first wirelessnetwork.
 2. The system of claim 1, wherein the certificate based firstlevel of security includes an authentication mechanism selected from thegroup consisting of an extensible authentication protocol (EAP), a802.1x protocol, and a temporary key integrity protocol (TKIP).
 3. Thesystem of claim 1, wherein the active state includes an advancedconfiguration and power interface (ACPI) specification S0 state.
 4. Thesystem of claim 1, wherein the sleep state is selected from the groupconsisting of an advanced configuration and power interface (ACPI)specification S3 state, an ACPI specification S4 state, and an ACPIspecification S5 state.
 5. The system of claim 1, wherein the secondwireless network filters out network traffic other than a wake onwireless local area network (WoWLAN) network message.
 6. Anon-transitory computer-readable medium containing instructionsexecutable by a processor to cause the processor to: disconnect acomputing device authenticated with a first wireless network from thefirst wireless network responsive to the computing device entering asleep state, wherein the first wireless network implements a certificatebased first level of security; provide, from a basic input/output system(BIOS) of the computing device while the computing device is in thesleep state, a wireless parameter for a second wireless networkdedicated to device management, wherein the second wireless networkimplements an open system authentication second level of security;connect, utilizing the wireless parameter, the computing device to thesecond wireless network while the computing device is in the sleepstate; disconnect the computing device from the second wireless networkresponsive to detecting, by the computing device, a wake packet on thesecond wireless network; transition the computing device to an activestate subsequent to disconnecting the computing device from the secondwireless network; and reconnect the computing device to the firstwireless network by authenticating the computing device with the firstwireless network utilizing a supplicant of an operating system of thecomputing device.
 7. The non-transitory computer-readable medium ofclaim 6, wherein the wake packet includes a broadcast frame, targeting aspecific type of network interface, enabling a remote access to thecomputing device in the sleep state.
 8. The non-transitorycomputer-readable medium of claim 6, wherein: the first wireless networkand the second wireless network have access to resources of a commonnetwork infrastructure; and the access of the second wireless network tothe resources is limited to a portion of the resources associated withthe transition of the computing device to the active state.
 9. Thenon-transitory computer-readable medium of claim 6, includinginstructions executable by the processor to identify the second wirelessnetwork to connect with based on the wireless parameter.
 10. Thenon-transitory computer-readable medium of claim 6, wherein the wirelessparameter includes a service set identifier (SSID) of the secondwireless network.
 11. The non-transitory computer-readable medium ofclaim 6, including instructions executable by the processor to configurea firmware of a wireless network interface controller card of thecomputing device with the wireless parameter.
 12. A method comprising:disconnecting a computing device authenticated with a first wirelessnetwork from the first wireless network responsive to the computingdevice entering a sleep state, wherein the first wireless networkimplements a certificate based first level of security; configuring awireless network interface controller card of the computing device witha wireless parameter for a second wireless network dedicated to wakepacket traffic, wherein the wireless parameter is retrieved by a basicinput/output system (BIOS) of the computing device while in the sleepstate; connecting the computing device to the second wireless network,while in the sleep state, using the wireless parameter, wherein thesecond wireless network implements an open system authentication secondlevel of security; disconnecting the computing device from the secondwireless network responsive to receiving a wake packet across the secondwireless network; and reconnecting the computing device with the firstwireless network, responsive to the computing device entering an activestate, by authenticating the computing device with the first wirelessnetwork utilizing a supplicant of an operating system of the computingdevice.
 13. The method of claim 12, comprising configuring the wirelessnetwork interface controller card of the computing device with thewireless parameter from the basic input/output system (BIOS) of thecomputing device by a unified extensible firmware interface (UEFI) callissued from the BIOS responsive to detecting the computing device is inthe sleep state.